How to Excel at CTF Games with Linux Command Line Tools

Daniel Pericich
3 min readFeb 29, 2024

--

Photo by Towfiqu barbhuiya on Unsplash

I was working through Over the Wire’s Bandit CTF and found a lot of repetitive commands or workflows I had to use to retrieve flags. Though I could get all the flags, one of the points of CTF is to learn new methods and tools to be as efficient as possible. Two tasks I found incredibly repetitive were manually copying file paths to use in new commands and copying text to my clipboard for later shell sessions. To solve these, let us look at the xargs and xclip CLI tools.

Using xargs to Use Directory and File Paths as Arguments

The find and file CLI tools are great for searching for files within a system based off of certain criteria and for getting more information about a specific file. Say you wanted to find all files available to a user and group. You could write something like:

find . -user userX -group groupY

This will return a list of file paths to all applicable files. If you expected to find one file and wanted to print the contents of the file to the terminal you would have to copy and paste that file path into a second command:

find . -user userX -group groupY [First Command]
// OUTPUT: my-files/file1.txt
cat my-files/file1.txt [Second Command]
// OUTPUT: Hello Daniel!

It’s inefficient to pause, manually copy the file path output, and write a new command. It would be easier if there was a way to use the output from find in the cat command. Unfortunately, the output from our find command is a text string of the path, not the path itself. If we try to pipe the result of find directly to cat we end up printing the path name, not the file contents:

find . -user userX -group groupY | cat
// OUTPUT: my-files/file1.txt

To print the contents of our found file we need to use the Linux tool xargs. Xargs allows us to convert the output of a command from standard input to a command argument. With this tool, we can pipe our find output into a command that will print the contents of the file specified by the file path:

find . -user userX -group groupY | xargs cat
// OUTPUT: Hello Daniel!

The difference in our last two commands is how cat is called. In the first command, we pass cat a string representing the file path and tell it to print the contents. It receives a string as the standard output of the find command and proceeds to print the string: the file path.

When we use xargs we change what we pass to the cat command. Instead of passing output to print, we pass the cat command a file path as an argument. When cat receives data this way it understands to open the given file and print its contents. By using xargs we can avoid copying and pasting because we can write single commands.

Using xclip to Write Output to Your Clipboard

The Bandit CTF flags are text strings that allow you to log into the next CTF challenge. It is a pain to manually copy these from the terminal for later use. Luckily, there are many tools that we can use to directly copy our command output to the clipboard.

One of the most popular tools for copying terminal standard output to your clipboard is xclip. This Linux-based command can be piped output from other commands and will copy its input to the clipboard:

cat my-ctf-password.txt | xclip
// OUTPUT: null (copies text file's content to the clipboard)

The command directs output to your host clipboard so you can use the clipboard contents on your host or the SSH session through your terminal. This is helpful as you access the stored clipboard contents during different ssh sessions.

Bandit doesn’t include xclip as a standard tool in its CTF sessions. You must install and remove it every time you access a challenge server.

When I work on a MacOS, I usually use the built-in pbcopy. It is similiar to xclip. You may have to research which tools work best for your system and how to resolve any setup issues.

--

--

Daniel Pericich
Daniel Pericich

Written by Daniel Pericich

Former Big Beer Engineer turned Full Stack Software Engineer

Responses (1)